How to obtain executive buy-in for cybersecurity initiatives

With the ever-increasing number of high-profile data breaches and cyber attacks, you would think that it would be fairly easy to convince your executives to invest in cybersecurity. However, as every IT decision maker knows, it just doesn’t work like that.

For most people, executives included, until the problem is staring them in the face it is all too easy for them to convince themselves that it just won’t happen to them, or that they are already doing enough.

In the world of digital security, however, there is no such thing as ‘enough’: threats are constantly evolving and finding new ways into previously secure systems, so only continuous work and investment can keep your business safe.

There are three key approaches to take to help your executives see the light when it comes to cybersecurity: using measurable success metrics, conducting real-world demonstrations, and talking about cold hard cash.

Steer clear of fear and define success

While news stories about corporations brought to their knees by cyber attacks can prompt a bit of a spending spree, they don’t tend to result in long-term investment. For that, you need to be able to demonstrate continuing progress, as well as continuing need.

To that end, you need to define success for your IT team, and not just in the most obvious ‘200 days since last data breach’ sort of way; that just reinforces the view that you are doing ‘enough’.

Instead, have your security professionals constantly conduct penetration tests, patching exploits, and closing holes as they are found. Use the number of vulnerabilities fixed as your continuing metric to show that no matter how much you do, the rapidly evolving nature of digital business (as well as digital threats) means that new vulnerabilities are always evolving, so constant investment is needed to keep your team plugging the holes as they appear.

Conduct some ‘real world’ tests

Fundamentally, the vast majority of breaches are still caused by the age-old tactic of social engineering, for which most people believe that they are too smart to fall.

While it can be a bit of a questionable career move to humiliate your executives, you can conduct a ‘real world’ experiment and send manufactured phishing emails, fake unsafe links, or attachments from unknown emails addresses to key decision makers in your company, and track how many of them fall for the simple tricks. You might not make any friends, but you will demonstrate the need for security in real terms.

Talk about the bottom line

At the end of the day, people at the top of businesses respond most keenly to discussions surrounding the impact of something on the bottom line, so you need to show them that poor security can cost much more than investment. You could talk about the cost of a data breach itself, but that is nebulous. Instead, look to the upcoming GDPR, which promises up to €20 million or 4% of global turnover to firms who fail to properly secure sensitive data.

Even with these tips, convincing executives is no easy task: but you don’t have to do it alone. Contact Ross Clifford & Associates to help alleviate the senior digital resource shortfalls and enable you to overcome these important issues.

 

Latest Jobs

Don't just take our word for it

  • Tom Salvat, CEO, CONCURED
    "As a fast-growing start up, we need great people with a tough set of skills to find. They need to be hungry, experienced and fit the culture of a business that is always adapting and growing. Finding these people using Linkedin and other job boards is tough, time-consuming and rarely bears fruit. Ross has always been able to uncover gems for us, and we are benefiting greatly from his skills at CONCURED. Ross has a rare ability to really understand the business, the culture and the people that will nail the role. I couldn't recommend him highly enough, and he is the only recruiter we deal with"      
    - Tom Salvat, CEO, CONCURED
    Tom Salvat, CEO, CONCURED
  • Tariq Mahmood, Enterprise Sales, Concured AI Content Marketing
    I am writing to express my gratitude to Ross Clifford & Associates who helped me successfully secure the role of Enterprise Sales Executive at Concured. Ross was extremely professional and understood the specifics of the job I required. I especially appreciated his fast response, transparent communication, and coordination in a timely and efficient manner.
    - Tariq Mahmood, Enterprise Sales, Concured AI Content Marketing
    Tariq Mahmood, Enterprise Sales, Concured AI Content Marketing
  • Jessica Cole, Editor – Redwood London.
    Ross is one of the friendliest recruiters I've dealt with. He was always attentive, quick to respond and ready to help with any questions I had. He's very professional, and not at all superficial like so many other recruiters out there. I would highly recommend him.
    - Jessica Cole, Editor – Redwood London.
    Jessica Cole, Editor – Redwood London.
  • Gareth Lofthouse, Founding Partner, Longitude.
    “We look for commercial people with a rare blend of talents. They need to be able to advise our blue-chip clients on thought leadership strategy. They need to be highly strategic and purposeful in uncovering opportunity. And they need the hunger it takes to thrive in a rapidly evolving business. RC&A were quick to understand our needs, they only delivered high-quality people for interview, and succeeded in getting us a winning candidate incredibly fast.”  
    - Gareth Lofthouse, Founding Partner, Longitude.
    Gareth Lofthouse, Founding Partner, Longitude.
  • Johnny Meredith, Senior New Business Manager, The Bio Agency.
    I can't rate or recommend Ross highly enough. He brings a thoughtful, personal approach to the process, carefully matching opportunities with candidates, through a good understanding of their priorities and skills. Throughout, he keeps candidates up to date in an open, honest way. A genuine pleasure to work with.
    - Johnny Meredith, Senior New Business Manager, The Bio Agency.
    Johnny Meredith, Senior New Business Manager, The Bio Agency.
  • Karen Troman, Office Manager & HR Co-ordinator, VoucherCodes.co.uk part of RetailMeNot
    Ross is the best recruitment agent I have worked with, he stayed in contact, kept me informed and was with me every step of the process. He also checked in with me during my first couple of weeks in my new role to make sure I was settling in. I wouldn't hesitate to recommend him.
    - Karen Troman, Office Manager & HR Co-ordinator, VoucherCodes.co.uk part of RetailMeNot
    Karen Troman, Office Manager & HR Co-ordinator, VoucherCodes.co.uk part of RetailMeNot
  • Neil Kettleborough, CRO & Co Founder, Chalk Social
    I have worked with Ross over 4 years now and he has always delivered a really high standard of candidate both at senior and junior level. His online knowledge is second to none and all the candidates he has put forward over the years have only good things to say about Ross and his work ethic.
    - Neil Kettleborough, CRO & Co Founder, Chalk Social
    Neil Kettleborough, CRO & Co Founder, Chalk Social
  • Helen Rosemier, Commercial Director, Professional & Financial Services Practice, Longitude
    Ross is a fantastic recruitment consultant -  extremely professional, meticulous, patient and supportive. Throughout the process, I felt he represented me really well and genuinely cared about my career and finding the right role. Thanks to Ross I am now in a role I love, working with a brilliant team. Very highly recommended!
    - Helen Rosemier, Commercial Director, Professional & Financial Services Practice, Longitude
    Helen Rosemier, Commercial Director, Professional & Financial Services Practice, Longitude

© Ross Clifford Associates. Website by Outlines Design.